Module Name: src Committed By: mlelstv Date: Sat Jun 29 05:08:35 UTC 2013
Modified Files: src/usr.bin/su: su_pam.c Log Message: Change to home directory only after setting the full user context to avoid issues with NFS or other user-mapped mounts that don't give root the privilege to chdir there. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/usr.bin/su/su_pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/usr.bin/su/su_pam.c diff -u src/usr.bin/su/su_pam.c:1.18 src/usr.bin/su/su_pam.c:1.19 --- src/usr.bin/su/su_pam.c:1.18 Thu Jun 20 20:54:02 2013 +++ src/usr.bin/su/su_pam.c Sat Jun 29 05:08:35 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: su_pam.c,v 1.18 2013/06/20 20:54:02 christos Exp $ */ +/* $NetBSD: su_pam.c,v 1.19 2013/06/29 05:08:35 mlelstv Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1988\ #if 0 static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94";*/ #else -__RCSID("$NetBSD: su_pam.c,v 1.18 2013/06/20 20:54:02 christos Exp $"); +__RCSID("$NetBSD: su_pam.c,v 1.19 2013/06/29 05:08:35 mlelstv Exp $"); #endif #endif /* not lint */ @@ -493,8 +493,6 @@ out: err(EXIT_FAILURE, "setting user context"); if (p) (void)setenv("TERM", p, 1); - if (gohome && chdir(pwd->pw_dir) == -1) - errx(EXIT_FAILURE, "no directory"); } if (asthem || pwd->pw_uid) { @@ -552,6 +550,13 @@ out: if (setusercontext(lc, pwd, pwd->pw_uid, setwhat) == -1) err(EXIT_FAILURE, "setusercontext"); + if (!asme) { + if (asthem) { + if (gohome && chdir(pwd->pw_dir) == -1) + errx(EXIT_FAILURE, "no directory"); + } + } + (void)execv(shell, np); err(EXIT_FAILURE, "%s", shell); done: